Kickstart your homelab with netboot.xyz

I use a home lab for daily work and for testing purposes, I need to hop between Linux distros often. I’ve replaced my homegrown PXE boot environment with netboot.xyz. I built it for a few operating systems and all was good. I ran into netboot.xyz, and it was quickly pretty clear, this is what you want in a homelab when you have to hop between operating systems using virtual machines. Reducing the need for building bootable thumb drives or shuffling ISOs around is great. It has batteries included with boot menu configs, and it works out of the box. It allows also a lot of customization if needed. As a reminder to my future self and for others here is my config to get it working quickly.

Mirroring a container registry

I was working on an article How to run an air gap installation of OpenNMS Horizon on Rocky Linux. I ran into a similar use case and it was not about RPMs or DEB packages, it was all about container images and registries. My question was, how can I get “all” container images into a private registry from DockerHub? Getting your hands dirty with a private registry is something I’ve described in Running a private container registry for testing. Here is a short how-to on how I did it for my future self or anyone else with a similar question.

IPv6 prefix delegation with FRITZ!OS 7.50 and Ubiquiti ER-4

I started working remotely in 2010 for OpenNMS as an open-source network monitoring advocate. I have a little home lab with some real hardware that allows me to play on various things without giving me a big surprise bill from a cloud provider at the end of the month. I have a FRITZ!Box 7530 connected to my ISP 1&1. I get native IPv6 and IPv4 connectivity over an IPv4-in-IPv6-Tunnel. As my main router, I have a Ubiquiti ER-4. It gives me enhanced firewall capabilities and flexibility, especially with routing protocols like OSPF and BGP. I have two networks, one for my work-related stuff and another with all the fun crap you have for fun at home.

Running a private container registry for testing

When I signed up for my DockerHub account in 2013, I never thought sooner than later everything ends up in a container image as it is today. DockerHub was the first public free as in free beer registry to distribute your container images. Containers are now everywhere, and DockerHub, a corporate entity running and funding DockerHub, introduced usage limits for the free tier and started commercializing its registry service. I need to play with software in a micro-service architecture on a platform like Kubernetes, and these limits can be daunting.

APT Monitoring with Prometheus

As soon you run a Linux server, you need to make sure your systems are up-to-date. It would also be handy to know if you had Kernel upgrades which require a reboot of the system to get applied.

I came across a blog post from Tom Henderson which provided a solution using the Node_Exporter with Prometheus. The way he solved this is pretty slick. I had to tweak the scripts a bit to get it running. He integrated an APT hook which runs a command on apt update and after installing packages. The hooks create a Prometheus file which can be easily shipped with the Node_Exporter.

Containers and Capabilities

I have to work with container images from time to time, and sometimes I need to do networking stuff. Of course, you want to do this as an unprivileged user. Especially when you mix and match with Docker or Kubernetes, it gets sometimes a bit tricky and a lot of people in our community including myself struggled on this part. To document it for my future-self and the ones interested – here is my scenario. I need regularly two things when I run OpenNMS tools in containers:

A cookbook for a K8s playground

In my last weeks, I had to work with deployments of OpenNMS with Kubernetes. Instead of spending dollars on cloud providers for my lab, I’ve bought a beefy cheap box for my home network for less than 1.500,-€ about a year ago. It saved me probably already more than I would have spent on similar resources in the cloud for my playgrounds. It has an Intel(R) Core(TM) i9-10880H CPU, 64 GB RAM, and 2 TB SSD which has enough steam to run VMware ESXi on it. The main goal for this lab is, to have something you can quickly ditch into the bin and rebuild from scratch without worrying, and at the beginning of something new, you’ll break it a lot for sure :)

ioquake3 in a container

Once upon a time, people had no internet access, or it was very expensive and slow. To have some fun, they spent weekends with their friends and hung out playing games over a local area network. It was so much fun it gained some interest and the space from your friends house was just too small for all the people. Parents and families went crazy and electric bills went through the roof. Locations got bigger and peoples needed a bit more advanced networks and dedicated servers. You started writing your first programs managing tournaments and automating dedicated servers. … it was long before we talked about something like Ansible or Salt Stack :)

This website is not available in your country

Note to my future self. You might find yourself in a situation where you are blocked from an internet service because of your geographic location. A way to get around is using a VPN from a friend in a non-evil geographic location or using a 3rd party VPN service. Sometimes you don’t have that option right away and you need something quickly - Torbrowser for the rescue.

Download and install the latest Torbrowser. Edit the torrc file and set a strict exit node from a country of your choice.

BGP monitoring playground

Monitoring BGP can be done in various ways. First thing people want to know is if there is a way to get notifications in case a BGP peering session goes down. A pretty common way monitoring the BGP peering session state is using SNMP and the RFC1269 MIB. In OpenNMS Horizon we have the BGP session monitor which allows to track the state using the BGP peer table. The downside is, you need to configure for every peering session a monitor and this can be cumbersome and hard to maintain.